One in four UK consumers have had online accounts hacked

As user engagement with ecommerce sites and online services inevitably increases in the run up to Christmas, almost a quarter (24 per cent) of UK consumers have had their account hacked or data stolen for an online service, with five per cent having been compromised more than once.

As consumers continue to head online in their droves to do their Christmas shopping, they expect their details to be secure. However, when asked about the services for which accounts had been hacked, it was found that 25 per cent of the incidents involved Hotmail, 21 per cent involved Facebook and 11 per cent involved Yahoo!, Yahoo! Mail or Y! Mail accounts.

Considering a lot of consumers use the same password across a number of sites and many retail sites have customers using email addresses as usernames or allow users to login through Facebook, this will be a worry for online Christmas shoppers. Retail and payment services also featured in the research with 6 per cent of hacking incidents involving PayPal and 4 per cent involving eBay.

The research, conducted by Populus among a representative sample of 2,012 UK respondents, also looked at the actions consumers would take following a data breach, and found that a huge 25 per cent of respondents said that they would terminate a service immediately if their account was compromised or data stolen. This is an alarming figure for companies that have experienced breaches, and those still relying on the flawed username and password system.

In addition to this, some 16 per cent of respondents also said that that they would look for an alternative service and move if a suitable replacement was found. Only 37 per cent say they would reset their details and carry on using the service as normal.

Perhaps unsurprisingly, given the number of people who have had accounts or data compromised, the research also found that only 60 per cent of respondents trust the username and password authentication process as a secure way to access online services. 26 per cent don’t trust the process and a further 14 per cent are unsure.

Commenting on the findings, Brian Spector, CEO of CertiVox said, “This research shows that despite the rush of Christmas shopping online, many consumers are wary and believe that the username and password authentication system is not secure enough to protect their data. When you consider this coupled with the fact that the services identified as being hacked the most are some of the biggest names in technology with hundreds of millions, or even billions of users, it is amazing that there hasn’t been a whole-scale move away from usernames and passwords.

“It is clear from the research that services which do not secure their users’ data adequately are likely to start seeing users move away. This should act as a prompt to businesses everywhere to consider their security more carefully than ever before.”

The research surveyed a UK representative sample of 2012 adults (18+) on their views on online security in December 2013. Specifically consumers were asked about their views on the username and password system, additional security measures, and their own experience of online security breaches.